Patreon issues Security Notice

Patreon, a popular crowdfunding platform used by many podcasters, issued a security notice earlier this week to all users. From a statement posted by Patreon CEO Jack Conte:

Yesterday I learned that there was unauthorized access to a Patreon database containing user information. Our engineering team has since blocked this access and taken immediate measures to prevent future breaches.

And:

There was unauthorized access to registered names, email addresses, posts, and some shipping addresses. Additionally, some billing addresses that were added prior to 2014 were also accessed. We do not store full credit card numbers on our servers and no credit card numbers were compromised. Although accessed, all passwords, social security numbers and tax form information remain safely encrypted with a 2048-bit RSA key.

The statement goes on to say that no action is required in response to this issue. But Patreon is recommending as a precaution that users reset their account passwords. For full details on the nature of the security breach as well as what Patreon did to correct the problem, click the link at the top of this blog post.